Rethinking Risk Management

Abstract

HIPAA Data Security. The Health Insurance Portability and Accountability Act (HIPAA) of 1996 establishes a standard of due care for data security in healthcare organizations. The regulation requires each healthcare organization to conduct a security risk assessment to ensure that its security program effectively mitigates its risk. Key Questions: Do state-of-the-practice risk assessments accurately characterize the security risk confronting healthcare organizations? Are some risks overlooked by state-of-the-practice risk assessments?

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Jan 01, 2004
Accession Number
ADA621875

Entities

People

  • Audrey J. Dorofee
  • Christopher J. Alberts

Organizations

  • Carnegie Mellon University

Tags

Communities of Interest

  • Biomedical
  • Cyber
  • Materials and Manufacturing Processes

DTIC Thesaurus Topics

  • Acquisition
  • Boundaries
  • Business Administration
  • Department Of Defense
  • Distributed Computing
  • Engineering
  • Gap Analysis
  • Information Operations
  • Information Security
  • Organizational Structure
  • Risk
  • Risk Analysis
  • Risk Factors
  • Risk Management
  • Security
  • Standards
  • Universities

Fields of Study

  • Political science

Readers

  • Defense Acquisition Program Management
  • Defense Technology Research and Development.
  • Medical or Health Care Field.